[squid-dev] [PATCH] Allow unlimited LDAP search filter for ext_ldap_group_acl helper
Amos Jeffries
squid3 at treenet.co.nz
Tue Nov 3 08:29:33 UTC 2015
On 2/11/2015 11:47 p.m., Tsantilas Christos wrote:
> Hi all,
>
> The LDAP search filter in ext_ldap_group_acl is limited to 256
> characters. In some environments the user DN or group filter can be
> larger than this limitation.
>
> This patch uses dynamic allocated buffers for LDAP search filters.
>
> This is a Measurement Factory project
>
Audit:
* please add the new stdlib #include's alphabetically in that list if
possible.
* ldap_escape_value() would be simpler with C++11 syntax:
std::stringstream str;
for (const auto &c : src) {
escape_character(c, str);
}
return str.str();
- at which point there is actually no need for the escape_character()
function to exist. The switch can be re-inlined to the loop body to
further reduce the code.
* please do not use C-style casting in new code.
- I see at least "(int)c" in the escape_character() function.
* in searchLDAPGroup()
- s/searchbase =build_searchbase/searchbase = build_searchbase/
* Please use std::cerr in C++'ified code
- fprintf(stderr,... still being used in new/updated code of searchLDAP()
Amos
More information about the squid-dev
mailing list